Replace field StartRegistrationOptions.requireResidentKey with authen…

…ticatorSelection
Yubico · Oct 5, 2018 · 01f5295 · 01f5295
1 parent 46d70c0
commit 01f5295
Show file tree

Hide file tree

Showing 4 changed files with 23 additions and 10 deletions.
diff --git a/NEWS b/NEWS
@@ -1,3 +1,11 @@
+== Version 0.4.0 (unreleased) ==
+
+Breaking changes:
+
+* Field `StartRegistrationOptions.requireResidentKey: boolean` replaced with
+  field `authenticatorSelection: Optional<AuthenticatorSelectionCriteria>`
+
+
 == Version 0.3.0 ==
 
 * Major API overhaul; public API changes include but are not limited to:

diff --git a/webauthn-server-core/src/main/java/com/yubico/webauthn/RelyingParty.java b/webauthn-server-core/src/main/java/com/yubico/webauthn/RelyingParty.java
@@ -6,7 +6,6 @@
 import com.yubico.webauthn.data.AttestationConveyancePreference;
 import com.yubico.webauthn.data.AuthenticatorAssertionResponse;
 import com.yubico.webauthn.data.AuthenticatorAttestationResponse;
-import com.yubico.webauthn.data.AuthenticatorSelectionCriteria;
 import com.yubico.webauthn.data.ByteArray;
 import com.yubico.webauthn.data.ClientAssertionExtensionOutputs;
 import com.yubico.webauthn.data.ClientRegistrationExtensionOutputs;
@@ -68,11 +67,7 @@ public PublicKeyCredentialCreationOptions startRegistration(StartRegistrationOpt
             .excludeCredentials(
                 Optional.of(credentialRepository.getCredentialIdsForUsername(startRegistrationOptions.getUser().getName()))
             )
-            .authenticatorSelection(Optional.of(
-                AuthenticatorSelectionCriteria.builder()
-                    .requireResidentKey(startRegistrationOptions.isRequireResidentKey())
-                    .build()
-            ))
+            .authenticatorSelection(startRegistrationOptions.getAuthenticatorSelection())
             .attestation(attestationConveyancePreference.orElse(AttestationConveyancePreference.DEFAULT))
             .extensions(startRegistrationOptions.getExtensions())
             .build();

diff --git a/webauthn-server-core/src/main/java/com/yubico/webauthn/StartRegistrationOptions.java b/webauthn-server-core/src/main/java/com/yubico/webauthn/StartRegistrationOptions.java
@@ -1,7 +1,9 @@
 package com.yubico.webauthn;
 
+import com.yubico.webauthn.data.AuthenticatorSelectionCriteria;
 import com.yubico.webauthn.data.RegistrationExtensionInputs;
 import com.yubico.webauthn.data.UserIdentity;
+import java.util.Optional;
 import lombok.Builder;
 import lombok.NonNull;
 import lombok.Value;
@@ -15,9 +17,10 @@ public class StartRegistrationOptions {
 
     @NonNull
     @Builder.Default
-    private final RegistrationExtensionInputs extensions = RegistrationExtensionInputs.builder().build();
+    private final Optional<AuthenticatorSelectionCriteria> authenticatorSelection = Optional.empty();
 
+    @NonNull
     @Builder.Default
-    private final boolean requireResidentKey = false;
+    private final RegistrationExtensionInputs extensions = RegistrationExtensionInputs.builder().build();
 
 }
diff --git a/webauthn-server-demo/src/main/java/demo/webauthn/WebAuthnServer.java b/webauthn-server-demo/src/main/java/demo/webauthn/WebAuthnServer.java
@@ -29,6 +29,7 @@
 import com.yubico.webauthn.data.AssertionResult;
 import com.yubico.webauthn.data.AttestationConveyancePreference;
 import com.yubico.webauthn.data.AttestationType;
+import com.yubico.webauthn.data.AuthenticatorSelectionCriteria;
 import com.yubico.webauthn.data.ByteArray;
 import com.yubico.webauthn.data.PublicKeyCredentialDescriptor;
 import com.yubico.webauthn.data.PublicKeyCredentialParameters;
@@ -157,7 +158,10 @@ public Either<String, RegistrationRequest> startRegistration(
                             .id(challengeGenerator.generateChallenge())
                             .build()
                         )
-                        .requireResidentKey(requireResidentKey)
+                        .authenticatorSelection(Optional.of(AuthenticatorSelectionCriteria.builder()
+                            .requireResidentKey(requireResidentKey)
+                            .build()
+                        ))
                         .build()
                 )
             );
@@ -195,7 +199,10 @@ public <T> Either<List<String>, AssertionRequest> startAddCredential(
                     rp.startRegistration(
                         StartRegistrationOptions.builder()
                             .user(existingUser)
-                            .requireResidentKey(requireResidentKey)
+                            .authenticatorSelection(Optional.of(AuthenticatorSelectionCriteria.builder()
+                                .requireResidentKey(requireResidentKey)
+                                .build()
+                            ))
                             .build()
                     )
                 );